I think now that semantic versioning is more established in the wider SilverStripe ecosystem, that becomes more feasible. I'd expect the main use case would be patch-level upgrades of existing modules for security releases. In practice, it means that you opt out of maintaining a composer.json and composer.lock as part of your website repository, and bypass other controls like UAT environments, pre-deploy builds etc. That might be feasible for some projects, but I don't think it'll serve the wider community well in terms of making this a core feature - one aspect that has always distinguished SilverStripe is the certainty of what is getting deployed: You don't have to deal with database state merges for configuration, since it's all in code (and your repo).

You might want to dig through groups.google.com/forum/#!forum/silverstripe-dev, this idea has been discussed before there.